In cyber security, determining attribution is one of the most difficult challenges. Attribution in cyber security is the determination of the actor responsible for an action. Attribution on the Internet can mean the owner of the machine (e.g. XYZ Corporation), the physical location of the machine (e.g. Fremont, Calif., China) or the individual who is actually responsible for the action.
Attribution on the Internet has not been universally solved. But there are technologies available that enable an organization to insert attribution markers into their network traffic. These attribution markers allow an organization to differentiate between network traffic originating from an actor associated with the organization and traffic originating from actors not associated with the organization. At first, these attribution technologies were deployed as standalone security devices. In the present invention, attribution technologies are integrated with conventional network security devices and can be shown to provide additional protections to both attributable and non-attributable network traffic. This constitutes a major technological advance, and would satisfy long felt needs and aspirations in the cyber security industry.